Secure remote authentication through an untrusted network
US8516560B2 · kind B2 · utility
Inventors
Key dates
| Filing date | Jan 16, 2009 |
| Grant date | Aug 20, 2013 |
| Priority date | — |
| Expiry date | Nov 16, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/805
- WIPO fieldIT methods for management
- WIPO sectorElectrical engineering
Abstract
A method for securely authenticating a user of a portable consumer device at an access device comprising the following steps. First, a dynamic data element and a first set of transactional information is sent to the portable consumer device from the access device. Next, the portable consumer device creates an authentication code as a function of at least the dynamic data element, a subset of the first set of transactional information, and a password. The authentication code, along with other data, is then sent from the portable consumer device back to the access device. The access device then uses the authentication code to send an authentication request message to the service provider of the user. The service provider then attempts to authenticate the user by recreating the authentication code and comparing the recreated authentication code with the authentication code received from the access device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.